Approved changes feed: RSS · Atom

cpe:2.3:a:motopress:motopress_hotel_booking_lite:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorMotopress (6d317652-94c4-5c1f-ac88-5ca1ba2616b8)
ProductMotopress Hotel Booking Lite (ffc1a3e3-8ee5-522d-b3e7-5d084aa46660)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-50948 vulnerable 2026-06-08 05:52:03.760111 Motopress Hotel Booking Lite 4.2.4 Stored Cross-Site Scripting
MEDIUM (6.4)
Motopress Hotel Booking Lite 4.2.4 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting payloads in accommodation type fields. Attackers can inject script tags through the title and excerpt parameters when creating accommodation types, which execute in the browser when visitors access the accommodations page.
Published: 2026-05-10T12:12:48.402Z
Updated: 2026-05-24T01:37:25.349Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.